How Would a CIO Handle Security?

Network Security The Key Requirements of Network Infrastructure Security Measures for Internal Network Architecture Storage of sensitive information on Networked Systems Network Connection Control Administrative Services Visitor access Third Party Access to Internal Networks Security of the IT network for any company is very important. Scores of sensitive business information is stored electronically in the IT systems and the company network. An unsecured or a partially secured network has the potential to cause financial losses to the company if the information falls in the wrong hands.

Therefore there is need for installing and network security systems. For any network security to become operational the company must first look into whether the system can be implemented technically and whether it can be implemented throughout the organization. Another consideration for the selection of the network security is to ensure that the system clearly define areas of responsibility for the users, administrators, and management and is flexible and adaptable to the changing environments (Andre-s, 2004).

Thesis statement: it is critical that the company assess, chooses and implements and appropriate network security system to protect data, especially the sensitive ones.

The Key Requirements of Network Infrastructure Security A security system must ensure that the following network infrastructure security principles are met: 1) Allows secure configuration and accessed in a secure fashion of the network devices 2) Network communications use secure protocols 3) Demilitarized zones or DMZs and control devices such as securely configured firewalls or router Access Control Lists needs to be established to allow for the segregation of internal and external facing networks 4) Secure management of remote access to internal networks 5) Proper measures to prevent and detect unauthorized connections and the flow of suspicious traffic (Convery, 2004) Measures for Internal Network Architecture Internal LAN requirements - different types of networked systems such as workstations and servers need to be segregated into distinct VLANs and creation and management of isolated security domains should be the focus.

Security of Network Services - a clear understanding of the security characteristics and implications of network services is necessary before installation. These include issues like the direction of the connection to the network service, deciding on the sensitivity of data flowing over the connection to the network service and encrypting o sensitive data and the inbound and outbound network services should be approved and documented (Andre-s, 2004).

Storage of sensitive information on Networked Systems It is suggested that sensitive information like financial information and non-public research data should not be stored in systems that have access to outside network systems like the internet. Such data should be kept safe and away from directly accessible from external hostile networks.

The servers and the data base that would store the sensitive information should not be connected to the internet network system and limited coded access should be given to only those people who are authorized to access the information from within the organization (Heng, Wright & Goi, 2010). Separate security zones need to be created for sensitive information of the organization. Network Connection Control Restrictions should be imposed wherever possible to limit the access of users to the network.

Such limitations can be through means like limiting network access to specified users during certain times of the day or week or allowing only one-way file transfer to prevent uploading of any malicious files, use of passwords and codes to access certain areas of the network and the use of LAN separation to segregate clusters of users form one another and create a separation between the network devices and hosts.

It must be ensured that open network ports are not included in the network and a system of firewalls and is installed (Convery, 2004). Administrative Services For the purpose of security, the authority to enter into the administrative domain of the network security system and its devices should be restricted to authorized internal IP addresses. Such authorization can include devices used by IT managers or system, network and database administrators.

Visitor access Guidelines and restrictions need to be created to make available dedicated networks for visitors who want to obtain access to specific resources of the network like the internet so that a visitor does not have access to the actual internal network of the company. Only after agreeing to certain user terms and conditions, visitors should be given access to external networks that might be required for the business purposes of the company.

Third Party Access to Internal Networks All requests to access the internal network of the company from third parties via internet, VPNs or dial-up access should go through and be cleared by the IT manager. Clearance should only be given after the IT manager confirms the need and safety of the third party use of the network. Moreover this access should only be granted for a limited period that would be.